From: traud <pabstraud@compuserve.com>
Date: Sat, 4 Apr 2020 09:28:06 +0000 (+0200)
Subject: app_osplookup: Avoid a format truncation.
X-Git-Tag: 16.11.0-rc1~16
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a5100e717157dcf7698fe3fe23f1e698f1bface5;p=thirdparty%2Fasterisk.git

app_osplookup: Avoid a format truncation.

Ensure that output buffers for the osp_convert_inout
function have sufficient space for additional data
such as brackets and ports.

ASTERISK-28804

Change-Id: Ie54c8241ff0cc653910539c2db00ff2a4869750b
---

diff --git a/apps/app_osplookup.c b/apps/app_osplookup.c
index 78f573a6ca..4e6e5df2b4 100644
--- a/apps/app_osplookup.c
+++ b/apps/app_osplookup.c
@@ -449,6 +449,7 @@
 #define OSP_SIZE_UUID		((unsigned int)16)			/* UUID size */
 #define OSP_SIZE_UUIDSTR	((unsigned int)36)			/* UUID string size */
 #define OSP_SIZE_QOSSTR		((unsigned int)1024)		/* QoS string buffer size */
+#define OSP_SIZE_OUTSTR		((unsigned int)288)		/* OSP out size for osp_convert_inout */
 
 /* Call ID Type*/
 #define OSP_CALLID_UNDEF	((unsigned int)0)			/* Undefined */
@@ -1089,8 +1090,8 @@ static int osp_validate_token(
 	int res;
 	int tokenlen;
 	unsigned char tokenstr[OSP_SIZE_TOKSTR];
-	char src[OSP_SIZE_NORSTR];
-	char dest[OSP_SIZE_NORSTR];
+	char src[OSP_SIZE_OUTSTR];
+	char dest[OSP_SIZE_OUTSTR];
 	unsigned int authorised;
 	unsigned int dummy = 0;
 	int error;
@@ -1518,14 +1519,14 @@ static int osp_lookup(
 	char* tmp;
 	unsigned int tokenlen;
 	char token[OSP_SIZE_TOKSTR];
-	char src[OSP_SIZE_NORSTR];
-	char dev[OSP_SIZE_NORSTR];
-	char host[OSP_SIZE_NORSTR];
+	char src[OSP_SIZE_OUTSTR];
+	char dev[OSP_SIZE_OUTSTR];
+	char host[OSP_SIZE_OUTSTR];
 	unsigned int i, type;
 	struct osp_callid callid;
 	unsigned int callidnum;
 	OSPT_CALL_ID* callids[OSP_CALLID_MAXNUM];
-	char dest[OSP_SIZE_NORSTR];
+	char dest[OSP_SIZE_OUTSTR];
 	const char* preferred[2] = { NULL };
 	unsigned int dummy = 0;
 	OSPEFAILREASON reason;